Privacy Policy
Effective Date: October 29, 2024
I am committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how I collect, use, and safeguard your data when you interact with my services, including payments made via Stripe.
By using my services, you agree to the practices described in this policy.
1. Information I Collect
I may collect the following types of personal information:
Contact Information: Name, email address, and mailing address.
Payment Information: Payments are processed securely by Stripe, and I do not have access to your full credit or debit card details. I may see limited information, such as the last four digits of your card number, for reference purposes.
Project and Business Information: Details about your project, preferences, and business needs to provide the best possible service.
Technical Information: IP address, browser type, and other technical information collected automatically when you visit my website, communicate with me, or complete a payment through Stripe. This information is gathered for security and fraud prevention purposes.
2. How I Use Your Information
I use the collected information for the following purposes:
Service Delivery: To provide and manage my game development services, including communication regarding project progress and deliverables.
Billing and Payments: To process payments securely via Stripe, issue invoices, and manage transactions.
Customer Support: To respond to your inquiries, provide technical assistance, and improve customer service.
Legal and Regulatory Compliance: To comply with legal obligations, prevent fraud, and protect the security of my services.
3. Lawful Basis for Processing
Under the General Data Protection Regulation (GDPR), I process your personal information based on the following legal grounds:
Contractual Necessity: I process your personal data to fulfill my contract with you, including providing game development services and handling payments.
Consent: Where I ask for your explicit consent (e.g., for marketing communications), I process your data based on this consent, which can be withdrawn at any time.
Legal Obligations: I may process your data to comply with legal requirements, such as tax and accounting obligations.
Legitimate Interests: I process your personal data to pursue legitimate interests, such as improving my services and securing my website, provided that these interests do not override your privacy rights.
4. Sharing Your Information
I do not sell or rent your personal information to third parties. However, I may share your information in the following circumstances:
Payment Processing: I share payment details with Stripe, my secure payment processor, to handle transactions. Stripe's use of your information is governed by their own privacy policy, which can be found here.
Service Providers: I may share your data with trusted third-party service providers who assist in delivering my services (e.g., hosting providers, email services).
Legal Compliance: If required by law or to protect my legal rights, I may disclose your information to law enforcement or regulatory authorities.
5. Data Transfers Outside the EU/EEA
If I transfer your personal data to service providers or partners outside the European Economic Area (EEA), I ensure that your data is protected through appropriate safeguards, such as:
The recipient country has been deemed by the European Commission to provide an adequate level of data protection.
Standard contractual clauses approved by the European Commission are in place.
The transfer complies with GDPR’s specific conditions.
I primarily use Stripe, which may transfer data to the United States. Stripe complies with GDPR requirements through mechanisms like standard contractual clauses.
6. Data Security
I take appropriate technical and organizational measures to protect your personal information from unauthorized access, disclosure, or misuse. All payment information is securely processed and stored by Stripe. Payment data, including credit or debit card details, is encrypted and handled exclusively by Stripe through their secure system. I do not store or have direct access to sensitive payment information on my servers.
7. Your GDPR Rights
Under GDPR, you have the following rights regarding your personal data:
Right of Access: You have the right to request access to the personal data I hold about you.
Right to Rectification: You can request that I correct inaccurate or incomplete data.
Right to Erasure (Right to be Forgotten): You may request that I delete your personal data, provided there is no legal obligation to retain it.
Right to Restrict Processing: You can request that I limit the processing of your data under certain circumstances.
Right to Data Portability: You can request to receive your data in a structured, commonly used format, or for me to transfer it directly to another service provider.
Right to Object: You can object to the processing of your data, particularly for direct marketing purposes or when processing is based on legitimate interests.
Right to Withdraw Consent: If I rely on your consent for processing, you have the right to withdraw it at any time without affecting the lawfulness of prior processing.
Right to Lodge a Complaint: If you believe your rights have been violated, you can lodge a complaint with the relevant data protection authority (in Germany, this would be the Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI)).
To exercise any of these rights, please contact me.
8. Data Retention
I will retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including providing services to you and complying with legal, accounting, or reporting requirements.
Invoices and payment records will be kept for 10 years in accordance with tax and legal obligations.
Project-related communication and files will be kept for the duration of the project and for 3 years afterward, unless you request their deletion sooner. This retention period allows for handling any post-project support, disputes, or inquiries.
Please note that communications conducted on platforms such as Discord may be stored indefinitely, as these services do not automatically delete messages. I may retain these chat logs for as long as I deem necessary to address any relevant support needs or inquiries, in compliance with data protection regulations.
If you withdraw consent for data processing, I will delete your data unless it is required for legal obligations.
9. Cookies and Tracking Technologies
I do not use cookies or similar tracking technologies on my website. However, I may collect technical information, such as your IP address and browser type, when you visit my site for the purposes of security and improving user experience. If this changes in the future, I will update this Privacy Policy and notify you accordingly.
10. Third-Party Links
My website or communications may contain links to third-party websites (e.g., social media platforms, Stripe). I am not responsible for the privacy practices of these external sites. I encourage you to review the privacy policies of any third-party websites you visit.
11. Complaints
If you believe I have not complied with data protection laws, you can file a complaint with the Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI) in Germany or your local data protection authority.
Contact details:
Federal Commissioner for Data Protection and Freedom of Information (BfDI)
Website: https://www.bfdi.bund.de
12. Changes to This Privacy Policy
I may update this Privacy Policy from time to time. Any changes will be posted on this page, and I will notify you of significant updates via email or through my website. Please check back periodically to stay informed about how I protect your data.
13. Contact Me
If you have any questions or concerns about this Privacy Policy, or if you would like to exercise your data rights, please contact me through the contact form available on my website.